I realize this if fairly old now but we're just deploying physical Palo firewalls and I love them quite a bit. They are definitely real firewalls. But seeing this it answers so many questions about how to do the three tier model so much better than we are. Great presentation.
iupsc1 second ago Sir u are using this blackboard ? Did u ever face copyright issue . If face where did u get the permission . Plzz help me out because i also using this technollgy to teach in india . Plzz tell me if any issue i am getting in future about copyright
This was a great video in 2014. times have changed, better create the SVI's on the FW and put them in zones, then you just manage 1 HA pair instead of a bunch of VM's
No, doing SVI's and trying them to zones is the old fashioned way. For instance, web servers would have to be on the proper SVI to be included in the Web Server zone. This means the web servers would need to be in a specific IP address space/VLAN/subnet. The whole point of the SDDC and SDN is to abstract the security policy from the underlying infrastructure, and in particular, the IP address space.
zxyxtrrt - If I was a hacker I would apply for a job as sysadmin assistant or cleaning woman in your datacenter and briefly ram a thumbdrive with a customised stuxnet architecture funpack into every server. Does the firewall have a proper NSA-backdoor, like in the NIST encryption?? PS: +Winston Churchill, internal binary infection wil be the future
I realize this if fairly old now but we're just deploying physical Palo firewalls and I love them quite a bit. They are definitely real firewalls. But seeing this it answers so many questions about how to do the three tier model so much better than we are. Great presentation.
iupsc1 second ago
Sir u are using this blackboard ? Did u ever face copyright issue . If face where did u get the permission . Plzz help me out because i also using this technollgy to teach in india . Plzz tell me if any issue i am getting in future about copyright
I wish you would do one of these with simple ESXi and not just NSX
This was a great video in 2014. times have changed, better create the SVI's on the FW and put them in zones, then you just manage 1 HA pair instead of a bunch of VM's
No, doing SVI's and trying them to zones is the old fashioned way. For instance, web servers would have to be on the proper SVI to be included in the Web Server zone. This means the web servers would need to be in a specific IP address space/VLAN/subnet. The whole point of the SDDC and SDN is to abstract the security policy from the underlying infrastructure, and in particular, the IP address space.
I can't find the Nourth/South video demo. Can you point me to the URL?
th-cam.com/video/ZsAPPUVK-DY/w-d-xo.html
th-cam.com/video/ZsAPPUVK-DY/w-d-xo.html&ab_channel=PaloAltoNetworks
Panorama binary infection
zxyxtrrt - If I was a hacker I would apply for a job as sysadmin assistant or cleaning woman in your datacenter and briefly ram a thumbdrive with a customised stuxnet architecture funpack into every server.
Does the firewall have a proper NSA-backdoor, like in the NIST encryption??
PS: +Winston Churchill, internal binary infection wil be the future
bkj
yt
Nadeem Mohammed You are talking in riddles. What do you mean?
You can, once then no one will hire you again ever.
n30a On the contrary. It just depends what job you are applying for and with whom.